Unanswered Questions Cloud the Recent Targeting of an Asian Research Org

By: Nate Nelson， Contributing Writer， Dark Reading — February 23^rd 2023 at 19:30

A novel threat group, utilizing new malware, is out in the wild. But the who, what, where, and why are yet to be determined, and there's evidence of a false-flag operation.

Dark Reading:

Scammers Mimic ChatGPT to Steal Business Credentials

By: Nate Nelson， Contributing Writer， Dark Reading — February 22^nd 2023 at 21:55

Hackers will take anything newsworthy and turn it against you, including the world's most advanced AI-enabled chatbot.

Dark Reading:

Massive GoAnywhere RCE Exploit: Everything You Need to Know

By: Nate Nelson， Contributing Writer， Dark Reading — February 17^th 2023 at 17:35

Weeks after an exploit was first announced in a popular cloud-based file transfer service, could some organizations still be vulnerable? The answer is yes.

Dark Reading:

NewsPenguin Goes Phishing for Maritime & Military Secrets

By: Nate Nelson， Contributing Writer， Dark Reading — February 9^th 2023 at 22:15

A sophisticated cyber-espionage attack against high-value targets attending a maritime technology conference in Pakistan this weekend has been in the works since last year.

Dark Reading:

Twitter Implements API Paywall, but Will That Solve Its Enormous Bot Crisis?

By: Nate Nelson， Contributing Writer， Dark Reading — February 9^th 2023 at 16:47

Restricting the Twitter API will have implications across Twitter, the broader Internet, and society, experts say. Is there a cybersecurity silver lining, or will threat actors pay to play?

Dark Reading:

'Money Lover' Finance App Exposes User Data

By: Nate Nelson， Contributing Writer， Dark Reading — February 7^th 2023 at 22:54

A broken access control vulnerability could have led to dangerous follow-on attacks for users of the money-management app.

Dark Reading:

Rising 'Firebrick Ostrich' BEC Group Launches Industrial-Scale Cyberattacks

By: Nate Nelson， Contributing Writer， Dark Reading — February 2^nd 2023 at 18:23

The group's wanton attacks demonstrate that business email compromise is everything a hacker can want in one package: low risk, high reward, quick, easy, and low effort.

Dark Reading:

Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover

By: Nate Nelson， Contributing Writer， Dark Reading — February 1^st 2023 at 16:00

Two security holes — one particularly gnarly — could allow hackers the freedom to do as they wish with the popular edge equipment.

Dark Reading:

Phishers Trick Microsoft Into Granting Them 'Verified' Cloud Partner Status

By: Nate Nelson， Contributing Writer， Dark Reading — January 31^st 2023 at 20:00

Everyone on Twitter wants a blue check mark. But Microsoft Azure's blue badges are even more valuable to a threat actor stealing your data via malicious OAuth apps.

Dark Reading:

Federal Agencies Infested by Cyberattackers via Legit Remote Management Systems

By: Nate Nelson， Contributing Writer， Dark Reading — January 26^th 2023 at 20:13

Hackers don't need a key to get past your defenses if they can essentially teleport using RMMs, warns CISA and the NSA.

Dark Reading:

North Korea's Top APT Swindled $1B From Crypto Investors in 2022

By: Nate Nelson， Contributing Writer， Dark Reading — January 25^th 2023 at 17:45

The DPRK has turned crypto scams into big business to replenish its depleted state coffers.

Dark Reading:

'DragonSpark' Malware: East Asian Cyberattackers Create an OSS Frankenstein

By: Nate Nelson， Contributing Writer， Dark Reading — January 24^th 2023 at 17:22

Hackers cleverly cobbled together a suite of open source software — including a novel RAT — and hijacked servers owned by ordinary businesses.